AMENDMENTS TO THE CLAIMS 



1 . (Canceled) 

2. (Currently amended) A mobile wireless terminal apparatus in a mobile wireless 
communication system which has a public network, a private network and a public wireless LAN 
system and comprises: 

a virtual private network relay apparatus which establishes an IPsec tunnel with a 
network relay apparatus installed on the private network via the public network, further 
establishes the IPsec tunnel with the mobile wireless terminal apparatus and relays connection of 
the mobile wireless terminal apparatus from the public wireless LAN system to the private 
network, 

a connection authentication server that is installed on the public wireless LAN system 
and authenticates connection of the mobile wireless terminal apparatus to the public wireless 
LAN system, and 

a wireless LAN access point that relays connection authentication procedures of [[a]] the 
public wireless LAN performed between the mobile wireless terminal apparatus and the 
connection authentication server, the mobile wireless terminal apparatus comprising: 

an authentication processing section that performs authentication processing [[of]] 
for connection to the public wireless LAN system and to the connection authentication server; 

an address acquiring section that acquires an IP address of the virtual private 
network relay apparatus from the connection authentication server when the connection to the 
public wireless LAN system is permitted; 
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an address notifying section that notifies sends an IP address of the mobile 
wireless terminal apparatus to the virtual private network relay apparatus, via the connection 
authentication server; and 

an IPsec key exchanging section that performs an IPsec key exchange with the 
virtual private network relay apparatus using the IP address of the virtual private network relay 
apparatus , wherein the IPsec key exchange is performed by IPsec main mode . 

3-4. (Canceled) 

5. (Currently amended) A mobile wireless terminal apparatus in a mobile wireless 
communication system which has a public network, a private network and a public wireless LAN 
system and comprises: 

a virtual private network relay apparatus which establishes an IPsec tunnel with a 
network relay apparatus installed on the private network via the public network, further 
establishes the IPsec tunnel with the mobile wireless terminal apparatus and relays connection of 
the mobile wireless terminal apparatus from the public wireless LAN system to the private 
network, 

a home agent that controls moving movement of the mobile wireless terminal apparatus, 
a connection authentication server that is installed on the public wireless LAN system 

and authenticates connection of the mobile wireless terminal apparatus to the public wireless 

LAN system, and 

a wireless LAN access point that relays connection authentication procedures of [[a]] the 
public wireless LAN performed between the mobile wireless terminal apparatus and the 
connection authentication server, the mobile wireless terminal apparatus comprising: 



LAW OFFICES OF 
CHRISTENSEN O'CONNOR JOHNSON KINDNESS-"* 
1420 Fifth Avenue 
Suite 2800 
Seattle, Washington 98101 
-3- 206.682.8100 

WPMCO\33105AM.DOC 



an authentication processing section that performs authentication processing [[ofj] 
for connection to the public wireless LAN system and to the connection authentication server; 

an address acquiring section that acquires an IP address of the virtual private 
network relay apparatus from the connection authentication server when the connection to the 
public wireless LAN system is permitted; 

an address notifying section that notifies sends an IP address of the mobile 
wireless terminal apparatus to the virtual private network relay apparatus, via the connection 
authentication server; 

an IPsec shared key acquiring section that acquires an IPsec pre-shared secret key! 
from the connection authentication server, for use in [[the]] an IPsec key exchange performed 
with the virtual private network relay apparatus from th e connection auth e ntication s e rv e r ; 

an MIP shared key acquiring section that acquires an MIP pre-shared secret key a 
from the connection authentication server, for use in mobile IP registration with the home agent 
from th e connection auth e ntication s e rv e r ; 

an IPsec key exchanging section that performs exchange of the IPsec key with the 
virtual private network relay apparatus using the IPsec pre-shared secret ke y, wherein the IPsec 
key exchange is performed by IPsec main mode ; and 

an MIP registering section that [[makes]] initiates the mobile IP registration to the 
home agent using the MIP pre-shared secret key. 

6-14. (Canceled) 

15. (New) A mobile wireless terminal apparatus comprising: 

an authentication processing section that performs authentication processing for 
connection to the public wireless LAN system and to the connection authentication server; 
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an address acquiring section that acquires an IP address of the virtual private network 
relay apparatus from the connection authentication server when the connection to the public 
wireless LAN system is permitted; 

an address notifying section that sends an IP address of the mobile wireless terminal 
apparatus to the virtual private network relay apparatus, via the connection authentication server; 
and 

an IPsec key exchanging section that performs an IPsec key exchange with the virtual 
private network relay apparatus using the IP address of the virtual private network relay 
apparatus, wherein the IPsec key exchange is performed by IPsec main mode. 

16. (New) A mobile wireless terminal apparatus comprising: 

an authentication processing section that performs authentication processing for 
connection to the public wireless LAN system and to the connection authentication server; 

an address acquiring section that acquires an IP address of the virtual private network 
relay apparatus from the connection authentication server when the connection to the public 
wireless LAN system is permitted; 

an address notifying section that sends an IP address of the mobile wireless terminal 
apparatus to the virtual private network relay apparatus, via the connection authentication server; 

an IPsec shared key acquiring section that acquires an IPsec pre-shared secret key, from 
the connection authentication server, for use in an IPsec key exchange performed with the virtual 
private network relay apparatus; 

an MIP shared key acquiring section that acquires an MIP pre-shared secret key, from the 
connection authentication server, for use in mobile IP registration with the home agent; 
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an IPsec key exchanging section that performs exchange of the IPsec key with the virtual 
private network relay apparatus using the IPsec pre-shared secret key, wherein the IPsec key 
exchange is performed by IPsec main mode; and 

an MIP registering section that initiates the mobile IP registration to the home agent using 
the MIP pre-shared secret key. 
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